[PATCH xserver] os: Treat ssh as a non-local client (v3)

Michel Dänzer michel at daenzer.net
Mon Jan 11 22:57:25 PST 2016 

On 17.12.2015 16:41, Michel Dänzer wrote:
> From: Adam Jackson <ajax at redhat.com>
> 
> By the time we get to ComputeLocalClient, we've already done
> NextAvailableClient → ReserveClientIds → DetermineClientCmd (assuming
> we're built with #define CLIENTIDS), so we can look up the name of the
> client process and refuse to treat ssh's X forwarding as if it were
> local.
> 
> v2: (Michel Dänzer)
>     * Only match "ssh" itself, not other executable names starting with
>       that prefix.
>     * Ignore executable path for the match.
> v3: (Michel Dänzer)
>     * Use GetClientCmdName (Mark Kettenis)
>     * Perform check on Windows as well, but only ignore path on Cygwin
>       (Martin Peres, Emil Velikov, Jon Turney)
> 
> Signed-off-by: Adam Jackson <ajax at redhat.com>
> Signed-off-by: Michel Dänzer <michel.daenzer at amd.com>

Martin, Mark, Jon, any other objections? If not, can we get a Reviewed-by?


> ---
>  os/access.c | 38 +++++++++++++++++++++++++++++++++++---
>  1 file changed, 35 insertions(+), 3 deletions(-)
> 
> diff --git a/os/access.c b/os/access.c
> index 10a48c3..3ea2e21 100644
> --- a/os/access.c
> +++ b/os/access.c
> @@ -173,6 +173,10 @@ SOFTWARE.
>  
>  #endif                          /* WIN32 */
>  
> +#if !defined(WIN32) || defined(__CYGWIN__)
> +#include <libgen.h>
> +#endif
> +
>  #define X_INCLUDE_NETDB_H
>  #include <X11/Xos_r.h>
>  
> @@ -1081,9 +1085,8 @@ ResetHosts(const char *display)
>      }
>  }
>  
> -/* Is client on the local host */
> -Bool
> -ComputeLocalClient(ClientPtr client)
> +static Bool
> +xtransLocalClient(ClientPtr client)
>  {
>      int alen, family, notused;
>      Xtransaddr *from = NULL;
> @@ -1116,6 +1119,35 @@ ComputeLocalClient(ClientPtr client)
>      return FALSE;
>  }
>  
> +/* Is client on the local host */
> +Bool
> +ComputeLocalClient(ClientPtr client)
> +{
> +    const char *cmdname = GetClientCmdName(client);
> +
> +    if (!xtransLocalClient(client))
> +        return FALSE;
> +
> +    /* If the executable name is "ssh", assume that this client connection
> +     * is forwarded from another host via SSH
> +     */
> +    if (cmdname) {
> +        Bool ret;
> +
> +#if !defined(WIN32) || defined(__CYGWIN__)
> +        char *cmd = strdup(cmdname);
> +        ret = strcmp(basename(cmd), "ssh") != 0;
> +        free(cmd);
> +#else
> +        ret = strcmp(cmdname, "ssh") != 0;
> +#endif
> +
> +        return ret;
> +    }
> +
> +    return TRUE;
> +}
> +
>  /*
>   * Return the uid and all gids of a connected local client
>   * Allocates a LocalClientCredRec - caller must call FreeLocalClientCreds
> 


-- 
Earthling Michel Dänzer               |               http://www.amd.com
Libre software enthusiast             |             Mesa and X developer

More information about the xorg-devel mailing list